Want to detect Cobalt Strike on the network? Look to process memory
Security analysts have tools to spot hard-to-find threat, Unit 42 says
Enterprise security pros can detect malware samples in environments that incorporate the highly evasive Cobalt Strike attack code by analyzing artifacts in process memory, according to researchers with Palo Alto Networks' Unit 42 threat intelligence unit....